The patch titled
Subject: mm/huge_memory.c: __split_huge_page() use atomic ClearPageDirty()
has been removed from the -mm tree. Its filename was
mm-huge_memoryc-__split_huge_page-use-atomic-clearpagedirty.patch
This patch was dropped because it was merged into mainline or a subsystem tree
------------------------------------------------------
From: Hugh Dickins <hughd(a)google.com>
Subject: mm/huge_memory.c: __split_huge_page() use atomic ClearPageDirty()
Swapping load on huge=always tmpfs (with khugepaged tuned up to be very
eager, but I'm not sure that is relevant) soon hung uninterruptibly,
waiting for page lock in shmem_getpage_gfp()'s find_lock_entry(), most
often when "cp -a" was trying to write to a smallish file. Debug showed
that the page in question was not locked, and page->mapping NULL by now,
but page->index consistent with having been in a huge page before.
Reproduced in minutes on a 4.15 kernel, even with 4.17's 605ca5ede764
("mm/huge_memory.c: reorder operations in __split_huge_page_tail()") added
in; but took hours to reproduce on a 4.17 kernel (no idea why).
The culprit proved to be the __ClearPageDirty() on tails beyond i_size in
__split_huge_page(): the non-atomic __bitoperation may have been safe when
4.8's baa355fd3314 ("thp: file pages support for split_huge_page()")
introduced it, but liable to erase PageWaiters after 4.10's 62906027091f
("mm: add PageWaiters indicating tasks are waiting for a page bit").
Link: http://lkml.kernel.org/r/alpine.LSU.2.11.1805291841070.3197@eggly.anvils
Fixes: 62906027091f ("mm: add PageWaiters indicating tasks are waiting for a page bit")
Signed-off-by: Hugh Dickins <hughd(a)google.com>
Acked-by: Kirill A. Shutemov <kirill.shutemov(a)linux.intel.com>
Cc: Konstantin Khlebnikov <khlebnikov(a)yandex-team.ru>
Cc: Nicholas Piggin <npiggin(a)gmail.com>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
mm/huge_memory.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff -puN mm/huge_memory.c~mm-huge_memoryc-__split_huge_page-use-atomic-clearpagedirty mm/huge_memory.c
--- a/mm/huge_memory.c~mm-huge_memoryc-__split_huge_page-use-atomic-clearpagedirty
+++ a/mm/huge_memory.c
@@ -2431,7 +2431,7 @@ static void __split_huge_page(struct pag
__split_huge_page_tail(head, i, lruvec, list);
/* Some pages can be beyond i_size: drop them from page cache */
if (head[i].index >= end) {
- __ClearPageDirty(head + i);
+ ClearPageDirty(head + i);
__delete_from_page_cache(head + i, NULL);
if (IS_ENABLED(CONFIG_SHMEM) && PageSwapBacked(head))
shmem_uncharge(head->mapping->host, 1);
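Review bot: the switch to ClearPageDirty(head + i) carries no comment saying why the atomic form is required at this call, so a later cleanup could plausibly convert it back to the __ variant. A one-line note beside the call, for example that other tasks may be setting bits such as PageWaiters in the same flags word at this point, would protect the fix.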
_
Patches currently in -mm which might be from hughd(a)google.com are
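The lost update described in the changelog above, replayed deterministically as an added example (not part of the patch or the kernel source). The bit values and function names are constructed for illustration, and the second CPU is simulated by an explicit step between the load and the store.

```c
#include <stdatomic.h>
#include <stdio.h>

/* Constructed bit positions for illustration; not the kernel's PG_* values. */
#define FLAG_DIRTY   (1UL << 0)
#define FLAG_WAITERS (1UL << 1)

/*
 * Non-atomic clear, split into its load and store halves so the bad
 * interleaving can be replayed: racing_set stands in for another CPU
 * atomically setting a bit between the two halves.
 */
static unsigned long nonatomic_clear_raced(unsigned long initial,
                                           unsigned long clear_bit,
                                           unsigned long racing_set)
{
    _Atomic unsigned long flags;
    unsigned long snapshot;

    atomic_init(&flags, initial);
    snapshot = atomic_load(&flags);               /* this CPU: load        */
    atomic_fetch_or(&flags, racing_set);          /* other CPU: set a bit  */
    atomic_store(&flags, snapshot & ~clear_bit);  /* this CPU: stale store */
    return atomic_load(&flags);
}

/*
 * Atomic clear: the read-modify-write is indivisible, so the racing set
 * can only land before it (set_first != 0) or after it (set_first == 0).
 */
static unsigned long atomic_clear_raced(unsigned long initial,
                                        unsigned long clear_bit,
                                        unsigned long racing_set,
                                        int set_first)
{
    _Atomic unsigned long flags;

    atomic_init(&flags, initial);
    if (set_first)
        atomic_fetch_or(&flags, racing_set);
    atomic_fetch_and(&flags, ~clear_bit);
    if (!set_first)
        atomic_fetch_or(&flags, racing_set);
    return atomic_load(&flags);
}

int main(void)
{
    printf("non-atomic clear: waiters bit %s\n",
           (nonatomic_clear_raced(FLAG_DIRTY, FLAG_DIRTY, FLAG_WAITERS) &
            FLAG_WAITERS) ? "kept" : "lost");
    printf("atomic clear:     waiters bit %s\n",
           (atomic_clear_raced(FLAG_DIRTY, FLAG_DIRTY, FLAG_WAITERS, 1) &
            FLAG_WAITERS) ? "kept" : "lost");
    return 0;
}
```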
Hi Doug and Jason,
We have two more late breaking fix up patches. The DMA_RTAIL fix is the more
serious of the two. I realize we are at the tail end of 4.17 so I would not be
against holding off till 4.18 for these, but if there is another rdma
pull request we may want to tack these on.
---
Kaike Wan (1):
IB/hfi1: Ensure VL index is within bounds
Mike Marciniszyn (1):
IB/hfi1: Fix user context tail allocation for DMA_RTAIL
drivers/infiniband/hw/hfi1/chip.c | 8 ++++----
drivers/infiniband/hw/hfi1/file_ops.c | 2 +-
drivers/infiniband/hw/hfi1/init.c | 9 ++++-----
drivers/infiniband/hw/hfi1/sdma.c | 12 +++---------
4 files changed, 12 insertions(+), 19 deletions(-)
--
-Denny
There are pros and cons of dealing with tools in the kernel directory.
The pros are the fact that development happens fast, and new features
can be added to the kernel and the tools at the same time. The cons
are when dealing with backported kernel patches, it can be necessary to
backport parts of the tool changes as well.
For 4.9.y so far, we have backported individual patches. That quickly
breaks down when there are minor differences between how backports were
handled, so grabbing 40+ patch long series can be difficult, not
impossible, but really frustrating to attempt.
To help mitigate this mess, this patch series works to sync up the
objtool code with the version that is currently in 4.14.47. This
required a number of old objtool patches to be backported, a single big
"sync the world" patch, and a lot of include file updates to get
everything all working properly as well as some minor fixes for build
warnings.
And at the end of this series, is a set of backported objtool patches
for gcc-8 that was the main reason this whole patch series was created.
They applied just fine, being the identical version that goes into the
4.14.y stable tree, so it feels like the backport was successful.
This has survived my limited testing, and as the codebase is identical
to 4.14.47, I'm pretty comfortable dropping this big change in here in
4.9.y. Hopefully all goes well...
If anyone has any objections to this patch series, or finds anything I
messed up on, please let me know.
thanks,
greg k-h
Arnaldo Carvalho de Melo (11):
tools include: Introduce linux/compiler-gcc.h
tools include: Adopt __compiletime_error
tools include: Introduce atomic_cmpxchg_{relaxed,release}()
tools include: Add UINT_MAX def to kernel.h
tools include: Adopt kernel's refcount.h
tools include uapi: Grab copies of stat.h and fcntl.h
tools include: Introduce linux/bug.h, from the kernel sources
tools include: Adopt __same_type() and __must_be_array() from the
kernel
tools include: Move ARRAY_SIZE() to linux/kernel.h
tools include: Drop ARRAY_SIZE() definition from linux/hashtable.h
tools include: Include missing headers for fls() and types in
linux/log2.h
Greg Kroah-Hartman (4):
objtool: sync up with the 4.14.47 version of objtool
perf/tools: header file sync up
objtool: header file sync-up
x86/xen: Add unwind hint annotations to xen_setup_gdt
Jiri Olsa (3):
tools lib: Add for_each_clear_bit macro
perf tools: Force fixdep compilation at the start of the build
perf tools: Move headers check into bash script
Josh Poimboeuf (8):
objtool: Improve detection of BUG() and other dead ends
objtool: Move checking code to check.c
objtool: Support GCC 8's cold subfunctions
objtool: Support GCC 8 switch tables
objtool: Detect RIP-relative switch table references
objtool: Detect RIP-relative switch table references, part 2
objtool: Fix "noreturn" detection for recursive sibling calls
objtool, x86: Add several functions and files to the objtool whitelist
Matthew Wilcox (2):
tools: add more bitmap functions
radix tree test suite: Remove types.h
Michael S. Tsirkin (1):
tools: enable endian checks for all sparse builds
arch/x86/crypto/Makefile | 2 +
arch/x86/crypto/sha1-mb/Makefile | 2 +
arch/x86/crypto/sha256-mb/Makefile | 2 +
arch/x86/include/asm/orc_types.h | 107 +
arch/x86/include/asm/unwind_hints.h | 103 +
arch/x86/kernel/Makefile | 1 +
arch/x86/kernel/acpi/Makefile | 2 +
arch/x86/kernel/kprobes/opt.c | 9 +-
arch/x86/kernel/reboot.c | 2 +
arch/x86/kernel/vmlinux.lds.S | 1 +
arch/x86/kvm/svm.c | 2 +
arch/x86/kvm/vmx.c | 3 +
arch/x86/lib/msr-reg.S | 8 +-
arch/x86/net/Makefile | 2 +
arch/x86/platform/efi/Makefile | 1 +
arch/x86/power/Makefile | 2 +
arch/x86/xen/Makefile | 3 +
arch/x86/xen/enlighten.c | 5 +-
include/linux/compiler-gcc.h | 13 +-
kernel/kexec_core.c | 4 +-
tools/arch/arm/include/uapi/asm/kvm.h | 13 +
tools/arch/arm64/include/uapi/asm/kvm.h | 6 +
tools/arch/powerpc/include/uapi/asm/kvm.h | 1 +
tools/arch/s390/include/uapi/asm/kvm.h | 5 +-
tools/arch/x86/include/asm/cpufeatures.h | 44 +-
.../arch/x86/include/asm/disabled-features.h | 7 +-
.../arch/x86/include/asm/required-features.h | 3 +-
tools/include/asm-generic/bitops.h | 1 +
tools/include/asm-generic/bitops/__ffz.h | 12 +
tools/include/asm-generic/bitops/find.h | 28 +
tools/include/linux/atomic.h | 6 +
tools/include/linux/bitmap.h | 26 +
tools/include/linux/bitops.h | 5 +
tools/include/linux/bug.h | 10 +
tools/include/linux/compiler-gcc.h | 21 +
tools/include/linux/compiler.h | 23 +-
tools/include/linux/hashtable.h | 4 -
tools/include/linux/kernel.h | 7 +
tools/include/linux/log2.h | 3 +
tools/include/linux/refcount.h | 151 ++
tools/include/linux/spinlock.h | 5 +
tools/include/linux/types.h | 5 +-
tools/include/uapi/asm-generic/mman-common.h | 5 +
tools/include/uapi/linux/bpf.h | 51 +
tools/include/uapi/linux/fcntl.h | 67 +
tools/include/uapi/linux/stat.h | 45 +
tools/lib/find_bit.c | 25 +
tools/objtool/Build | 4 +
.../Documentation/stack-validation.txt | 195 +-
tools/objtool/Makefile | 35 +-
tools/objtool/arch.h | 66 +-
tools/objtool/arch/x86/Build | 10 +-
tools/objtool/arch/x86/decode.c | 407 ++-
.../arch/x86/{insn => include/asm}/inat.h | 2 +-
.../x86/{insn => include/asm}/inat_types.h | 0
.../arch/x86/{insn => include/asm}/insn.h | 2 +-
.../objtool/arch/x86/include/asm/orc_types.h | 107 +
tools/objtool/arch/x86/{insn => lib}/inat.c | 2 +-
tools/objtool/arch/x86/{insn => lib}/insn.c | 4 +-
.../arch/x86/{insn => lib}/x86-opcode-map.txt | 0
.../x86/{insn => tools}/gen-insn-attr-x86.awk | 0
tools/objtool/builtin-check.c | 1297 +---------
tools/objtool/builtin-orc.c | 68 +
tools/objtool/builtin.h | 6 +
tools/objtool/cfi.h | 55 +
tools/objtool/check.c | 2209 +++++++++++++++++
tools/objtool/check.h | 82 +
tools/objtool/elf.c | 326 ++-
tools/objtool/elf.h | 23 +-
tools/objtool/objtool.c | 12 +-
tools/objtool/orc.h | 30 +
tools/objtool/orc_dump.c | 213 ++
tools/objtool/orc_gen.c | 221 ++
tools/objtool/special.c | 6 +-
tools/objtool/sync-check.sh | 29 +
tools/objtool/warn.h | 10 +
tools/perf/MANIFEST | 6 +
tools/perf/Makefile.perf | 144 +-
.../arch/x86/entry/syscalls/syscall_64.tbl | 7 +-
tools/perf/check-headers.sh | 61 +
tools/perf/util/util.h | 2 -
81 files changed, 4802 insertions(+), 1692 deletions(-)
create mode 100644 arch/x86/include/asm/orc_types.h
create mode 100644 arch/x86/include/asm/unwind_hints.h
create mode 100644 tools/include/asm-generic/bitops/__ffz.h
create mode 100644 tools/include/linux/bug.h
create mode 100644 tools/include/linux/compiler-gcc.h
create mode 100644 tools/include/linux/refcount.h
create mode 100644 tools/include/linux/spinlock.h
create mode 100644 tools/include/uapi/linux/fcntl.h
create mode 100644 tools/include/uapi/linux/stat.h
rename tools/objtool/arch/x86/{insn => include/asm}/inat.h (99%)
rename tools/objtool/arch/x86/{insn => include/asm}/inat_types.h (100%)
rename tools/objtool/arch/x86/{insn => include/asm}/insn.h (99%)
create mode 100644 tools/objtool/arch/x86/include/asm/orc_types.h
rename tools/objtool/arch/x86/{insn => lib}/inat.c (99%)
rename tools/objtool/arch/x86/{insn => lib}/insn.c (99%)
rename tools/objtool/arch/x86/{insn => lib}/x86-opcode-map.txt (100%)
rename tools/objtool/arch/x86/{insn => tools}/gen-insn-attr-x86.awk (100%)
create mode 100644 tools/objtool/builtin-orc.c
create mode 100644 tools/objtool/cfi.h
create mode 100644 tools/objtool/check.c
create mode 100644 tools/objtool/check.h
create mode 100644 tools/objtool/orc.h
create mode 100644 tools/objtool/orc_dump.c
create mode 100644 tools/objtool/orc_gen.c
create mode 100644 tools/objtool/sync-check.sh
create mode 100644 tools/perf/check-headers.sh
--
2.17.1
The patch
ASoC: dapm: delete dapm_kcontrol_data paths list before freeing it
has been applied to the asoc tree at
https://git.kernel.org/pub/scm/linux/kernel/git/broonie/sound.git
All being well this means that it will be integrated into the linux-next
tree (usually sometime in the next 24 hours) and sent to Linus during
the next merge window (or sooner if it is a bug fix), however if
problems are discovered then the patch may be dropped or reverted.
You may get further e-mails resulting from automated or manual testing
and review of the tree, please engage with people reporting problems and
send followup patches addressing any issues that are reported if needed.
If any updates are required or you are submitting further changes they
should be sent as incremental updates against current git, existing
patches will not be replaced.
Please add any relevant lists and maintainers to the CCs when replying
to this mail.
Thanks,
Mark
From ff2faf1289c1f81b5b26b9451dd1c2006aac8db8 Mon Sep 17 00:00:00 2001
From: Srinivas Kandagatla <srinivas.kandagatla(a)linaro.org>
Date: Mon, 4 Jun 2018 12:13:26 +0100
Subject: [PATCH] ASoC: dapm: delete dapm_kcontrol_data paths list before
freeing it
dapm_kcontrol_data is freed as part of dapm_kcontrol_free(), leaving the
paths pointer dangling in the list.
This leads to system crash when we try to unload and reload sound card.
I hit this bug during ADSP crash/reboot test case on Dragon board DB410c.
Without this patch, on SLAB Poisoning enabled build, kernel crashes with
"BUG kmalloc-128 (Tainted: G W ): Poison overwritten"
Signed-off-by: Srinivas Kandagatla <srinivas.kandagatla(a)linaro.org>
Signed-off-by: Mark Brown <broonie(a)kernel.org>
Cc: stable(a)vger.kernel.org
---
sound/soc/soc-dapm.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/sound/soc/soc-dapm.c b/sound/soc/soc-dapm.c
index 1e9a36389667..36a39ba30226 100644
--- a/sound/soc/soc-dapm.c
+++ b/sound/soc/soc-dapm.c
@@ -433,6 +433,8 @@ static int dapm_kcontrol_data_alloc(struct snd_soc_dapm_widget *widget,
static void dapm_kcontrol_free(struct snd_kcontrol *kctl)
{
struct dapm_kcontrol_data *data = snd_kcontrol_chip(kctl);
+
+ list_del(&data->paths);
kfree(data->wlist);
kfree(data);
}
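Review bot: list_del(&data->paths) in dapm_kcontrol_free() is applied to what the changelog calls the paths list itself, which is an unusual use of list_del() and has no comment. Please add a line explaining that the list is unlinked so nothing still points into data once kfree(data) runs, and confirm that data->paths is always initialised before this free callback can be reached, since list_del() on an uninitialised list_head would follow garbage pointers.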
--
2.17.0
From: Shirish Pargaonkar <shirishpargaonkar(a)gmail.com>
Validate_buf () function checks for an expected minimum sized response
passed to query_info() function.
For security information, the size of a security descriptor can be
smaller (one subauthority, no ACEs) than the size of the structure
that defines FileInfoClass of FileAllInformation.
Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=199725
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Shirish Pargaonkar <shirishpargaonkar(a)gmail.com>
Signed-off-by: Noah Morrison <noah.morrison(a)rubrik.com>
---
fs/cifs/cifsacl.h | 14 ++++++++++++++
fs/cifs/smb2pdu.c | 3 +--
2 files changed, 15 insertions(+), 2 deletions(-)
diff --git a/fs/cifs/cifsacl.h b/fs/cifs/cifsacl.h
index 4f38848..dd95a6f 100644
--- a/fs/cifs/cifsacl.h
+++ b/fs/cifs/cifsacl.h
@@ -98,4 +98,18 @@ struct cifs_ace {
struct cifs_sid sid; /* ie UUID of user or group who gets these perms */
} __attribute__((packed));
+/*
+ * Minimum security identifier can be one for system defined Users
+ * and Groups such as NULL SID and World or Built-in accounts such
+ * as Administrator and Guest and consists of
+ * Revision + Num (Sub)Auths + Authority + Domain (one Subauthority)
+ */
+#define MIN_SID_LEN (1 + 1 + 6 + 4) /* in bytes */
+
+/*
+ * Minimum security descriptor can be one without any SACL and DACL and can
+ * consist of revision, type, and two sids of minimum size for owner and group
+ */
+#define MIN_SEC_DESC_LEN (sizeof(struct cifs_ntsd) + (2 * MIN_SID_LEN))
+
#endif /* _CIFSACL_H */
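Review bot: MIN_SID_LEN is written as the literal sum (1 + 1 + 6 + 4), which will silently drift if struct cifs_sid ever changes. Consider deriving it from struct cifs_sid or adding a build-time check that ties the two together. The first comment is also hard to parse ("Minimum security identifier can be one for system defined Users ..."); it would read better if it said directly that the smallest SID carries one subauthority.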
diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c
index 60db51b..47538a4 100644
--- a/fs/cifs/smb2pdu.c
+++ b/fs/cifs/smb2pdu.c
@@ -2374,8 +2374,7 @@ int SMB2_query_info(const unsigned int xid, struct cifs_tcon *tcon,
return query_info(xid, tcon, persistent_fid, volatile_fid,
0, SMB2_O_INFO_SECURITY, additional_info,
- SMB2_MAX_BUFFER_SIZE,
- sizeof(struct smb2_file_all_info), data, plen);
+ SMB2_MAX_BUFFER_SIZE, MIN_SEC_DESC_LEN, data, plen);
}
int
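Review bot: with MIN_SEC_DESC_LEN as the minimum passed to query_info(), the response is only guaranteed to hold the descriptor header and two minimal SIDs, so whatever consumes data and plen has to bounds-check every SID and ACL offset itself. The changelog should state that this was checked, because the previous, larger minimum of sizeof(struct smb2_file_all_info) may have been masking short responses there.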
--
1.9.1
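Why the smaller minimum matters, as an added example rather than code from the patch or the cifs client: a bounds check for a self-relative security descriptor, showing that a valid descriptor with two one-subauthority SIDs is only 44 bytes. The 20-byte header layout, the cap of 15 subauthorities and all function names are assumptions taken from the MS-DTYP format, not from this page.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed self-relative layout (MS-DTYP): 20-byte header, then the SIDs. */
#define SD_HDR_LEN   20u  /* revision(1) sbz1(1) control(2) + four 4-byte offsets */
#define SID_BASE_LEN 8u   /* revision(1) + subauthority count(1) + authority(6) */
#define MIN_SID_LEN  (SID_BASE_LEN + 4u)  /* one subauthority, as in the patch */
#define MIN_SD_LEN   (SD_HDR_LEN + 2u * MIN_SID_LEN)

static uint32_t le32(const uint8_t *p)
{
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Length of the SID at offset off, or 0 if it does not fit in buf[0..len). */
static size_t sid_len_at(const uint8_t *buf, size_t len, uint32_t off)
{
    if (off < SD_HDR_LEN || off > len || len - off < MIN_SID_LEN)
        return 0;
    if (buf[off + 1] < 1 || buf[off + 1] > 15)  /* subauthority count */
        return 0;
    size_t need = SID_BASE_LEN + 4u * (size_t)buf[off + 1];
    return len - off >= need ? need : 0;
}

/* Hypothetical checker: 0 if owner and group SIDs are in bounds, else -1. */
static int check_sec_desc(const uint8_t *buf, size_t len)
{
    if (len < MIN_SD_LEN)
        return -1;
    if (!sid_len_at(buf, len, le32(buf + 4)) ||  /* owner SID offset */
        !sid_len_at(buf, len, le32(buf + 8)))    /* group SID offset */
        return -1;
    return 0;
}

/* Constructed sample: owner and group both S-1-1-0, no SACL or DACL. */
static size_t build_min_sec_desc(uint8_t out[44])
{
    static const uint8_t world[12] = { 1, 1, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0 };
    memset(out, 0, 44);
    out[0] = 1;      /* revision */
    out[3] = 0x80;   /* control: self-relative (0x8000, little-endian) */
    out[4] = 20;     /* owner SID offset */
    out[8] = 32;     /* group SID offset */
    memcpy(out + 20, world, sizeof(world));
    memcpy(out + 32, world, sizeof(world));
    return 44;
}

int main(void)
{
    uint8_t sd[44];
    size_t n = build_min_sec_desc(sd);
    printf("minimal (%zu bytes): %d\n", n, check_sec_desc(sd, n));
    printf("truncated by one:   %d\n", check_sec_desc(sd, n - 1));
    return 0;
}
```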
"qxl_bo_unref" may sleep, but calling "qxl_release_map" causes
"preempt_disable()" to be called and "preempt_enable()" isn't called
until "qxl_release_unmap" is used. Move the call to "qxl_bo_unref" out
from in between the two to avoid sleeping from an atomic context.
This issue can be demonstrated on a kernel with CONFIG_LOCKDEP=y by
creating a VM using QXL, using a desktop environment using Xorg, then
moving the cursor on or off a window.
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1571128
Fixes: 9428088c90b6 ("drm/qxl: reapply cursor after resetting primary")
Cc: stable(a)vger.kernel.org
Signed-off-by: Jeremy Cline <jcline(a)redhat.com>
---
drivers/gpu/drm/qxl/qxl_display.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/drivers/gpu/drm/qxl/qxl_display.c b/drivers/gpu/drm/qxl/qxl_display.c
index ecb35ed0eac8..61e51516fec5 100644
--- a/drivers/gpu/drm/qxl/qxl_display.c
+++ b/drivers/gpu/drm/qxl/qxl_display.c
@@ -630,7 +630,7 @@ static void qxl_cursor_atomic_update(struct drm_plane *plane,
struct qxl_cursor_cmd *cmd;
struct qxl_cursor *cursor;
struct drm_gem_object *obj;
- struct qxl_bo *cursor_bo = NULL, *user_bo = NULL;
+ struct qxl_bo *cursor_bo = NULL, *user_bo = NULL, *old_cursor_bo = NULL;
int ret;
void *user_ptr;
int size = 64*64*4;
@@ -684,7 +684,7 @@ static void qxl_cursor_atomic_update(struct drm_plane *plane,
cursor_bo, 0);
cmd->type = QXL_CURSOR_SET;
- qxl_bo_unref(&qcrtc->cursor_bo);
+ old_cursor_bo = qcrtc->cursor_bo;
qcrtc->cursor_bo = cursor_bo;
cursor_bo = NULL;
} else {
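Review bot: at old_cursor_bo = qcrtc->cursor_bo; the reason for deferring the unref lives only in the changelog. A short comment on that line, saying that qxl_bo_unref() may sleep and that the changelog places this point between qxl_release_map() and qxl_release_unmap(), would stop someone from folding the unref back in later.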
@@ -704,6 +704,9 @@ static void qxl_cursor_atomic_update(struct drm_plane *plane,
qxl_push_cursor_ring_release(qdev, release, QXL_CMD_CURSOR, false);
qxl_release_fence_buffer_objects(release);
+ if (old_cursor_bo)
+ qxl_bo_unref(&old_cursor_bo);
+
qxl_bo_unref(&cursor_bo);
return;
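Review bot: the if (old_cursor_bo) guard is inconsistent with the qxl_bo_unref(&cursor_bo) call directly below it, which is made unconditionally even though the previous hunk sets cursor_bo = NULL on the QXL_CURSOR_SET path. If qxl_bo_unref() tolerates a NULL bo, drop the guard; if it does not, the existing call needs one too.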
--
2.17.0
Please add 4.17 commit 145e1a71e090575c74969e3daa8136d1e5b99fc8
("mm: fix the NULL mapping case in __isolate_lru_page()")
to the 4.16, 4.14, 4.9, 4.4, 3.18 and 3.2 stable kernel trees.
Two things happened after I'd sent it to Andrew without a stable tag:
1. Ivan posted an equivalent patch: after painstaking bisection, he
had found the fixed commit to be what was causing strange blocking
(surprising to the rest of us, we had imagined it just suboptimal).
2. The fixed commit arrived in five stable kernel releases (presumably
arriving there by auto selection: which will in due course pick up
this fix to it, but I don't know its cadence).
Thanks,
Hugh
From: Hugh Dickins <hughd(a)google.com>
Date: Fri, 1 Jun 2018 16:50:50 -0700
George Boole would have noticed a slight error in 4.16 commit
69d763fc6d3a ("mm: pin address_space before dereferencing it while
isolating an LRU page"). Fix it, to match both the comment above it,
and the original behaviour.
Although anonymous pages are not marked PageDirty at first, we have an
old habit of calling SetPageDirty when a page is removed from swap
cache: so there's a category of ex-swap pages that are easily
migratable, but were inadvertently excluded from compaction's async
migration in 4.16.
Link: http://lkml.kernel.org/r/alpine.LSU.2.11.1805302014001.12558@eggly.anvils
Fixes: 69d763fc6d3a ("mm: pin address_space before dereferencing it while isolating an LRU page")
Signed-off-by: Hugh Dickins <hughd(a)google.com>
Acked-by: Minchan Kim <minchan(a)kernel.org>
Acked-by: Mel Gorman <mgorman(a)techsingularity.net>
Reported-by: Ivan Kalvachev <ikalvachev(a)gmail.com>
Cc: "Huang, Ying" <ying.huang(a)intel.com>
Cc: Jan Kara <jack(a)suse.cz>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds(a)linux-foundation.org>
---
mm/vmscan.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/mm/vmscan.c b/mm/vmscan.c
index 9b697323a88c..9270a4370d54 100644
--- a/mm/vmscan.c
+++ b/mm/vmscan.c
@@ -1418,7 +1418,7 @@ int __isolate_lru_page(struct page *page, isolate_mode_t mode)
return ret;
mapping = page_mapping(page);
- migrate_dirty = mapping && mapping->a_ops->migratepage;
+ migrate_dirty = !mapping || mapping->a_ops->migratepage;
unlock_page(page);
if (!migrate_dirty)
return ret;
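Review bot: migrate_dirty = !mapping || mapping->a_ops->migratepage; now treats a NULL mapping as migratable, but nothing at the assignment says so, and the changelog shows how easily this condition was inverted once. A brief comment on that line, stating that pages without a mapping (the ex-swap anonymous pages the changelog describes) are intentionally allowed through, would make the next refactor safer.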
--
1.8.4.5